A currently ongoing spam campaign attempts to trick users into thinking that their ability to send Domestic Wire Transfers has been disabled. Impersonating the Federal Deposit Insurance Corporation (FDIC), the cybercriminals behind the campaign are potentially earning thousands of dollars in the process of monetizing the anticipated traffic.

Once users click on the bogus ‘secure download link’, they’re automatically exposed to the client-side exploits served by the Black Hole Exploit Kit.

More details:

Sample screenshot of the spamvertised email:

Sample of compromised URLs used in the campaign:hxxp://greetingsjackass.com/securefdicinform.html; hxxp://www.galaxiafilm.it/securefdicinform.html; hxxp://www.esv-hochkogel.at/securefdicinform.html